entrepreneurship family business complementary dynamics n.
Skip this Video
Download Presentation
Entrepreneurship & Family Business - Complementary Dynamics

Loading in 2 Seconds...

play fullscreen
1 / 42

Entrepreneurship & Family Business - Complementary Dynamics - PowerPoint PPT Presentation

  • Uploaded on

Entrepreneurship & Family Business - Complementary Dynamics. 1 st Families in Business Day - November 8, 2013. Fraud Prevention. Keys to Protecting Your Business. Presented by: Amy Mailloux, CTP ACI Vice President, Senior Treasury Advisor KeyBank November 8, 2013.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Entrepreneurship & Family Business - Complementary Dynamics' - caron

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
entrepreneurship family business complementary dynamics
Entrepreneurship & Family Business - Complementary Dynamics

1st Families in Business Day - November 8, 2013

fraud prevention
Fraud Prevention

Keys to Protecting Your Business

Presented by: Amy Mailloux, CTP ACI

Vice President, Senior Treasury Advisor


November 8, 2013

“Armed with just a checking account number and a bank routing number, criminals can create checks at whim, experts and law enforcement authorities say.”

- Bob Sullivan, a Technology Correspondent for MSNBC May, 2005


1. Welcome/Introduction

2. Payments industry fraud threats: Overview

3. Payments industry fraud: A closer look

4. Payments fraud: Knowledge is power

5. Types of fraud and how they originate

6. Types of fraud: Phishing

7. Protect against phishing

8. Types of fraud: Social engineering

9. Protect against social engineering

10. Additional cyber security concerns

11. Fraud prevention: Opportunities

12. How your bank can help

13. Additional bank resources and solutions

14. Positive Pay plan offerings: A closer look

15. Universal Payment Identification Code (UPIC)

16. Dual approvals, security alerts, and email notifications

17. Debit Blocks/Filters

Today’s presenter:

Amy Mailloux, CTP ACI

Vice President, Senior Treasury Advisor


Amy has experience serving the small business, government, corporate and middle market customers over the past 28 years in banking. She earned the esteemed Certified Treasury Professional designation in 1997, and the Associates in Captive Insurance earlier this year. Her past experience includes relationship management, commercial lending, administration, cash management sales, administration and coaching. For the last couple of years, Amy has served as the Senior Cash Management Advisor for KeyBank working with Business Banking, Middle Markets and Private Banking clients. She is a frequent guest speaker at finance events and regular presenter at the New England conference of the Treasury Management Association on fraud and prevention.

Amy and her husband, Ernie, are also the founders and owners of Amy’s Granola, a small specialty food company founded in 2003. They reside in Ferrisburgh, Vermont with their four children.

payment industry fraud threats overview

Employee/Customer theft

Check-related fraud

Present- and future-day:

Employee/Customer theft

Check-related fraud

Electronic transactions (ACH & wire)

Cyber crime

Payment industry fraud threats: Overview
Norton’s 2011 Cybercrime report estimates that cybercrime costs us $388 billion annually.

They claim that cybercrime is approximately $100 billion dollars larger than the global black market in marijuana, cocaine and heroin combined.

payments industry fraud a closer look
Payments industry fraud: A closer look

According to the 2013 AFP Payments and Fraud Control Survey:

61% experienced attempted or actual payments fraud

27% reported an increase in the number of fraudulent incidents

87% of affected businesses reported that checks were targeted

29% reported that corporate/commercial purchasing cards were targeted

Average loss was $20,300

64% of respondents discussed fraud prevention/security with their bank at least once in 2012

payments industry fraud a closer look1
Today’s criminal:

Oftentimes belongs to an organized group

Stalks their victim and knows how to attack weak points

Has access to very sophisticated physical and electronic tools

Payments industry fraud: A closer look

Fraud Origination

Outside individual 80%

Organized crime ring 18%

Internal party 10%

Third-party or outsourcer 5%

Account takeover 5%

Other 5%

Lost or stolen laptop 1%

Compromised mobile device <1%

Source of Payments Fraud in 2012, as reported in the 2013 AFP Payments Fraud and Control Survey. (Percent of Organizations Subject to Attempted or Actual Payments Fraud)

payments fraud knowledge is power
Payments fraud: Knowledge is power

When it comes to preventing fraud, we all must take a proactive stance. In some instances, the ability to identify fraud attempts can help stop them, or mitigate the impact they have. Steps you can take include:

Learning about the types of fraud and how they originate

Asking questions

Invest to protect yourself

Educating your employees to be aware of the risks

Your defensive toolkit relies on:





types of fraud and how they originate
Types of fraud and how they originate

Corrupt employees



Fake job listings

Fake sweepstakes/lotteries

File sharing or Peer-to-Peer software


types of fraud and how they originate1
Types of fraud and how they originate

Fake job listings

Shoulder surfing

Janitorial services/Building maintenance



Reading Radio Frequency Indentification (RFID)

Please note:

This list is not comprehensive. Criminals are coming up with new and more efficient methods all of the time.

types of fraud phishing
Types of fraud: Phishing

What it is:

Phishing is a type of Internet fraud that seeks to acquire a user’s credentials by deception.

Oftentimes, it involves the theft of passwords, credit card numbers, bank account details, and other personal, confidential information.

How it works:

Fake notices that appear to be coming from banks, auction sites, e-pay systems, etc. are sent vial email or SMS text messages (Smishing)

Recipient is encouraged to urgently enter or update personal data via a false link

Messages usually contain threats to block accounts or lose access if request is not completed.

protect against phishing
Protect against phishing

Don’t open emails from unknown individuals or organizations.

Be suspicious of any email with an urgent request for personal financial information.

Never click on an embedded link or attachment in an unsolicited email.

Avoid filling out forms in email messages that ask for personal financial information.

Ensure that your browser is up-to-date and security patches are applied.

Run anti-virus software and ensure it’s always updated.

If you receive a suspicious email that appears to come from your bank, do not respond to the message. Instead, forward it to your bank’s fraud prevention department then delete the message from your mailbox.

“The key to social engineering is influencing a person to do something that allows the hacker to gain access to information or your network.”

-Kevin Mitnick

types of fraud social engineering
Types of fraud: Social engineering

What it is:

Social engineering is the practice of deceiving someone either in person or via phone or computer, with the express intent of breaching some level of security or obtaining information.

How it works:

The fraudster, pretending to be a trusted party, may attempt via phone (SMS text message), online (email), or in person to:

Secretly install malicious software on your computer

Trick you into divulging your passwords or other sensitive financial or personal information

Direct you to a website to download something malicious

Ask for remote access to your computer

protect against social engineering
Protect against social engineering

Be suspicious of anyone requesting sensitive information.

Never provide system credentials or any other personal information on an unsolicited inbound call.

Always verify the identity of an unsolicited caller by insisting on calling him or her back at the phone number listed for that company.

Remember that Caller ID is not a foolproof way to verify a caller's identity.

additional cyber security concerns
Additional cyber security concerns

Distributed Denial of Service (DDoS) attacks:

Flooding a website with bad requests

Attempts to make the site “unavailable” to customers

Not hacking, but a way to hide fraud or gain attention for a cause

Malicious Websites

Visiting an infected website could expose your laptop, PC, or mobile device to malware

Designed to hijack your computer

According to McAfee, 2.7 million new malicious URLs are created per month

“There is no doubt that the Internet brims with spamming, scamming and identity fraud. Having someone wipe out your hard drive or bank account has never been easier, and the tools for committing electronic mischief on your enemies are cheap and widely accessible.”

- Evgeny Morozov

fraud prevention opportunities
Fraud prevention: Opportunities

The numerous ways to help protect your business from fraud include:

Deposit accounts/Security features

Dual controls

Cross-training employees

Email encryption

Document shredding/destruction

Written and published policies and procedures

Separation of duties

Internal/External escalation process

how your bank can help
How your bank can help

One key to preventing fraud is to make it difficult for criminals to make you a victim by working with your bank to help ensure you don’t become a victim. Banks offer great products to help stop or reduce fraud loss such as:

Robust security controls for online and mobile banking

Positive pay systems

ACH and EFT filters and filtering

Client educational materials on fraud prevention

your banker can help you with ways to
Your banker can help you with ways to:

Always be aware!

Evaluate your policies

Review your payment types and methods

Educate your employees

Implement fraud prevention and mitigation solutions

“I am thankful the most important key in history was invented. It’s not the key to your house, your car, your boat, your safety deposit box, your bike lock or your private community. It’s the key to order, sanity and peace of mind. The key is “Delete.”

- Elayne Boosler

additional bank resources and solutions
Additional bank resources and solutions

Positive Pay plan offerings

Universal Payment Identification Code (UPIC)

Transaction blocks (ACH, wire only) features

Mr. Abagnale believes that punishment for fraud and recovery of stolen funds are so rare, prevention is the only viable course of action…

- www.abagnale.com

positive pay
Positive Pay

Bank match

Client Match aka Reverse Positive Pay

bank match positive pay
Bank match Positive Pay:

Bank match Positive Pay is where the bank matches the checks presented on the client’s account against the check issue information provided by the client upon check issuance:

Compare & Verify: Check serial number, Amount, Payee name

Same Day

Review and make a payment decision prior to check posting

Prevent over-funding; for stop payment decisions, the CDA funding requirement may be reduced by the amount of the payment

bank match
Bank Match

How it works:

Suspicious payments are reported to client usually via an on-line website, requiring a client decision to Pay or Return.

At setup, you determine the default decision (Pay All or Return All). If no decision is made by the 6:00 p.m. ET deadline, the default decision is submitted.

If your default decision is Pay All, and you are unable to make a decision by the 6:00 p.m. ET deadline, those items will be available to decision with Next Day Positive Pay.

positive pay plan offerings a closer look
Positive Pay plan offerings: A closer look

With Client Match Positive Pay aka Reverse Positive Pay, the client matches the information from the checks presented against their Accounts Payable system:

No check issue information is presented to the bank prior to encashment

Used by companies with lower check volume (less than 1,000 items or $100,000 per month)

Access on-line platform to review images of your daily paid items

Contact bank to initiate a return of a suspecious or fraudulent check

Client must access account daily (preferable early in the day)

Daily reconciliation is strongly encouraged

reverse positive pay extended bank services
Reverse Positive Pay – extended Bank services

How it works:

You can designate pre-selected features including dollar amount thresholds.

Checks presented over the set dollar amount threshold will be automatically flagged for return.

check fraud is on the increase
Check fraud is on the increase….

Use your bank’s Positive Pay or Reverse Positive Pay

Maintain tight check security

Examine new checks when they arrive and keep check boxes sealed until needed

Destroy unused checks from closed accounts

Use highly secure check stock

Avoid multiple colors and sizes of checks

When laser-printing checks, issue passwords

Use check paper with toner anchorage

When typing checks, use a type font of 12 points or larger

Use a fabric, single-strike security ribbon

Reconcile your checking account statement as soon as you receive it

Report losses or suspicious checks to your bank immediately

Separate responsibilities for handling checks

Contact your bank to review your check processes

universal payment identification code upic
Universal Payment Identification Code (UPIC)

UPICs are secure bank account identifiers that allow companies to receive electronic credit payments without divulging their routing and bank account numbers.

Receive more payments electronically while protecting accounts:

Since a UPIC is used in place of the client’s actual bank account information, it can be openly shared to promote the receipt of electronic payments (e.g. print on invoices, websites)

UPICs keep bank account information private

UPICs are used for electronic credit payments only and cannot be used to initiate ACH debits

universal payment identification code upic1
Universal Payment Identification Code (UPIC)

UPICs deliver additional features that:

Reduce the risk of unauthorized debits, demand drafts, and fraudulent checks

Look and act like bank account numbers allowing the UPIC to be used with any cash management or accounts payable system

Apply to a single company bank account, however, one account can have several UPICs

Stay with an organization even if they change banking relationships

dual approvals security alerts and email notifications
Dual approvals, security alerts and email notifications

Clients are strongly encouraged to set up dual authorization for ACH and wire payments as they;

Allow for separation of duties within your department

Provide an additional layer of protection from potential external fraud by making it more difficult for fraudsters to send an unauthorized payment

Enable entitlements to be customized by user, including settings for dollar thresholds, specific accounts and types of payment (i.e. international, domestic, repetitive, one time, etc.)

dual approvals security alerts and email notifications1
Dual approvals, security alerts and email notifications

Security alerts and email notifications are also important to set up as they:

Alert you when certain activity occurs such as new users being setup, password resets, updating of security questions and changing an email address.

In addition, clients can sign up for security-related email notifications for outgoing wire or ACH payments, wires pending approvals or ACH transactions pending release, or Positive Pay items available for decisioning.

on line management of ach debit blocks filters
On-line management of ACH Debit blocks & filters

On-line management gives you the ability to:

Decision items online

Pay or reject items

Add pay authorizations for any future transactions

Block all transactions against your checking accounts with a “Block-All”

Allow certain transactions within tolerances to be paid (originator, amounts, date range)

“There’s a way of transferring funds that is even faster than electronic banking. It’s called marriage.

- author unknown